Sha256: 22fabccb600d12ebeb3717471df244d2e483cb4332bb37d8fe430a8051e137e5
Contents?: true
Size: 1.31 KB
Versions: 2
Compression:
Stored size: 1.31 KB
Contents
Railroader.load_railroader_dependency 'erubis'
#This is from the rails_xss plugin for Rails 2
class Railroader::Rails2XSSPluginErubis < ::Erubis::Eruby
def add_preamble(src)
#src << "@output_buffer = ActiveSupport::SafeBuffer.new;"
end
#This is different from rails_xss - fixes some line number issues
def add_text(src, text)
if text == "\n"
src << "\n"
elsif text.include? "\n"
lines = text.split("\n")
if text.match(/\n\z/)
lines.each do |line|
src << "@output_buffer.safe_concat('" << escape_text(line) << "');\n"
end
else
lines[0..-2].each do |line|
src << "@output_buffer.safe_concat('" << escape_text(line) << "');\n"
end
src << "@output_buffer.safe_concat('" << escape_text(lines.last) << "');"
end
else
src << "@output_buffer.safe_concat('" << escape_text(text) << "');"
end
end
BLOCK_EXPR = /\s+(do|\{)(\s*\|[^|]*\|)?\s*\Z/
def add_expr_literal(src, code)
if code =~ BLOCK_EXPR
src << "@output_buffer.safe_concat((" << $1 << ").to_s);"
else
src << '@output_buffer << ((' << code << ').to_s);'
end
end
def add_expr_escaped(src, code)
src << '@output_buffer << ' << escaped_expr(code) << ';'
end
def add_postamble(src)
#src << '@output_buffer.to_s'
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| railroader-4.3.5 | lib/railroader/parsers/rails2_xss_plugin_erubis.rb |
| railroader-4.3.4 | lib/railroader/parsers/rails2_xss_plugin_erubis.rb |